Whereas user-facing applications are often written in modern languages, the firmware, operating system, support libraries, and virtual machines that underpin just about any modern computer system are still written in low-level languages that value flexibility and performance over convenience and safety. Programming errors in low-level code are often exploitable and can, in the worst case, give adversaries unfettered access to the compromised host system. This book provides an introduction to and overview of automatic software diversity techniques that, in one way or another, use randomization to greatly increase the difficulty of exploiting the vast amounts of low-level code in existence. Diversity-based defenses are motivated by the observation that a single attack will fail against multiple targets with unique attack surfaces. We introduce the many, often complementary, ways that one can diversify attack surfaces and provide an accessible guide to more than two decades worth of research on the topic. We also discuss techniques used in conjunction with diversity to prevent accidental disclosure of randomized program aspects and present an in-depth case study of one of our own diversification solutions.

Whereas user-facing applications are often written in modern languages, the firmware, operating system, support libraries, and virtual machines that underpin just about any modern computer system are still written in low-level languages that value flexibility and performance over convenience and safety. Programming errors in low-level code are often exploitable and can, in the worst case, give adversaries unfettered access to the compromised host system. This book provides an introduction to and overview of automatic software diversity techniques that, in one way or another, use randomization to greatly increase the difficulty of exploiting the vast amounts of low-level code in existence. Diversity-based defenses are motivated by the observation that a single attack will fail against multiple targets with unique attack surfaces. We introduce the many, often complementary, ways that one can diversify attack surfaces and provide an accessible guide to more than two decades worth of research on the topic. We also discuss techniques used in conjunction with diversity to prevent accidental disclosure of randomized program aspects and present an in-depth case study of one of our own diversification solutions.

This book constitutes the refereed proceedings of the 7th International Workshop on Software Engineering for Resilient Systems, SERENE 2015, held in Paris, France, in September 2015. The 10 revised technical papers presented were carefully reviewed and selected from 18 submissions. The papers are organized in topical sections on development of resilient systems, verification, validation and evaluation of resilience, case studies and applications.

The recent COVID-19 pandemic has emphasized the importance of safety and ergonomics in the workplace. From work-life balance and mental health to risk prevention, maintaining a healthy and happy workforce has become essential for the progress of every company. Moreover, ensuring inclusive spaces has become a pillar of business with some worrying that the diversity agenda will be overshadowed by the recent pandemic. It is imperative that current research is compiled that sheds light on the advancements being made in promoting diversity and wellbeing in the modern workforce. The Research Anthology on Changing Dynamics of Diversity and Safety in the Workforce is a comprehensive reference source that provides the latest emerging research on diversity management and initiatives as well as occupational health and safety practices in the workplace. These concepts are necessary for global workplaces to remain safe, efficient, and inclusive. Covering topics such as employee equity, human resources practices, and worker wellbeing, this anthology provides an excellent resource for researchers, human resources personnel, managers, safety officers, policymakers, CEOs, students, professors, and academicians.

Today’s cyber defenses are largely static allowing adversaries to pre-plan their attacks. In response to this situation, researchers have started to investigate various methods that make networked information systems less homogeneous and less predictable by engineering systems that have homogeneous functionalities but randomized manifestations. The 10 papers included in this State-of-the Art Survey present recent advances made by a large team of researchers working on the same US Department of Defense Multidisciplinary University Research Initiative (MURI) project during 2013-2019. This project has developed a new class of technologies called Adaptive Cyber Defense (ACD) by building on two active but heretofore separate research areas: Adaptation Techniques (AT) and Adversarial Reasoning (AR). AT methods introduce diversity and uncertainty into networks, applications, and hosts. AR combines machine learning, behavioral science, operations research, control theory, and game theory to address the goal of computing effective strategies in dynamic, adversarial environments.

Safety of Computer Control Systems is a collection of papers from the Proceedings of the IFAC Workshop, held in Stuttgart, Germany on May 16-18, 1979. This book discusses the inherent problems in the hardware and software application of computerized control to automated systems safeguarding human life, property, and the environment. The papers discuss more specific concerns, such as railway systems, aircraft landing systems, nuclear power stations, chemical reactors, elevators, and cranes. The book also describes the safety and reliability of complex industrial computer systems together with an example showing the application of computers in power plants. One paper presents guidelines in documenting safety related computer systems that will help various parties who are involved in their purchase and operation. Another paper discusses how to detect failures in microcomputer systems such as memory violations and invalid operation code detectors. This book then concludes by discussing the necessity of inspecting process computers used in nuclear power plants, especially when computers are used in reactor protection, control rod, and authentication of log-in systems. This collection can be of interest for students of programming, process-computer analysts, heads of computer technology departments and institutions, and lecturers in industrial computer programming and design.

The State of the Art in Intrusion Prevention and Detection analyzes the latest trends and issues surrounding intrusion detection systems in computer networks, especially in communications networks. Its broad scope of coverage includes wired, wireless, and mobile networks; next-generation converged networks; and intrusion in social networks. Presenting cutting-edge research, the book presents novel schemes for intrusion detection and prevention. It discusses tracing back mobile attackers, secure routing with intrusion prevention, anomaly detection, and AI-based techniques. It also includes information on physical intrusion in wired and wireless networks and agent-based intrusion surveillance, detection, and prevention. The book contains 19 chapters written by experts from 12 different countries that provide a truly global perspective. The text begins by examining traffic analysis and management for intrusion detection systems. It explores honeypots, honeynets, network traffic analysis, and the basics of outlier detection. It talks about different kinds of IDSs for different infrastructures and considers new and emerging technologies such as smart grids, cyber physical systems, cloud computing, and hardware techniques for high performance intrusion detection. The book covers artificial intelligence-related intrusion detection techniques and explores intrusion tackling mechanisms for various wireless systems and networks, including wireless sensor networks, WiFi, and wireless automation systems. Containing some chapters written in a tutorial style, this book is an ideal reference for graduate students, professionals, and researchers working in the field of computer and network security.

This book of Advances in Intelligent and Soft Computing contains accepted papers presented at CISIS 2021 and ICEUTE 2021, all conferences held in the beautiful and historic city of Bilbao (Spain), in September 2021. The aim of the 14th CISIS 20121 conference is to offer a meeting opportunity for academic and industry-related researchers belonging to the various, vast communities of computational intelligence, information security, and data mining. The need for intelligent, flexible behavior by large, complex systems, especially in mission-critical domains, is intended to be the catalyst and the aggregation stimulus for the overall event. After a through peer-review process, the CISIS 2021 International Program Committee selected 23 papers which are published in these conference proceedings achieving an acceptance rate of 40%. In this relevant edition, a special emphasis was put on the organization of special sessions. One special session is organized related to relevant topics as follows: building trust in ecosystems and ecosystem components. In the case of 12th ICEUTE 2021, the International Program Committee selected 17 papers, which are published in these conference proceedings. One special session is organized related to relevant topics as follows: sustainable personal goals: engaging students in their learning process. The selection of papers is extremely rigorous in order to maintain the high quality of the conference, and we would like to thank the members of the program committees for their hard work in the reviewing process. This is a crucial process to the creation of a high standard conference, and the CISIS and ICEUTE conferences would not exist without their help.

This book constitutes the refereed proceedings of the 24th International Conference on Product-Focused Software Process Improvement, PROFES 2023, which took place in Dornbirn, Austria, in December 2023. The 21 full technical papers, 8 short papers, and 1 poster paper presented in this volume were carefully reviewed and selected from 82 submissions. The book also contains one tutorial paper, 12 and workshop papers and 3 doctoral symposium papers. The contributions were organized in topical sections as follows: Part I: Software development and project management; machine learning and data science; software analysis and tools; software testing and quality assurance; security, vulnerabilities, and human factors; Part II: Posters; Tutorials; 2nd Workshop on Computational Intelligence and Software Engineering (CISE 2023); 2nd Workshop on Engineering Processes and Practices for Quantum Software (PPQS’ 23); doctoral symposium.